McAfee Announces New Product That Stops Advanced Threats In Milliseconds

At the core of McAfee Threat Intelligence Exchange is a new virtual appliance that connects multiple enterprise security platforms

SANTA CLARA, Calif.--(BUSINESS WIRE)--McAfee today announced, McAfee Threat Intelligence Exchange, the first in the industry to orchestrate local and global threat intelligence information and enterprise-wide security products into one cohesive integrated security system. McAfee Threat Intelligence Exchange brings a unique approach and capability in the elimination of the gap between encounter to containment of advanced targeted attacks.

By sharing threat information across controls and directing preventative actions in real-time, McAfee is able to provide immediate protection against the threats posed by advanced targeted attacks across both network and endpoint controls. What has traditionally taken days, weeks or months now only takes milliseconds. McAfee Threat Intelligence is a significant evolution of the industry-first Security Connected Platform that was delivered by McAfee in 2011.

Recent high profile data breaches highlight the challenge that organizations face in understanding and combating advanced targeted attacks. In many cases, the breach is not discovered for days or weeks after the initial compromise has occurred, and often far after proprietary and personally identifiable information has been extracted. The ability to quickly spot and pre-empt advanced threats is now a business differentiator as companies seek to protect their intellectual property and assure customers that their data is safe and secure.

Building on McAfee's leadership experience across network, endpoint and data security, McAfee Threat Intelligence Exchange allows organizations to orchestrate security controls to identify patterns, immunize assets against newly-identified malware, and prevent data exfiltration in real-time - optimizing security for each organization. McAfee Threat Intelligence Exchange leverages a unique capability called SmartListing that allows broad security controls to extract and exchange contextual information from such examples as certificate information, reputation data, file characteristics and application behaviors within the environment. The resulting actionable intelligence allows the organization to accurately and instantly contain or allow any payload across the organization's security controls. Thus for the first time, as threats appear, defenses instantly shield assets much more intelligently and without the limitations of signatures or cloud lookups.

McAfee Threat Intelligence Exchange combines local threat data with global intelligence data sources such as McAfee Global Threat Intelligence and other third party and partner fees, to offer truly comprehensive threat intelligence for businesses. The collective package provides unprecedented identification of targeted attacks and enables customized controls that protect automatically based on each organization's unique risks and priorities. This degree of precision offers the most complete and immediate protection against determined criminals and actors behind the most damaging attacks.

Delivering on the Security Connected Vision:

With this announcement, the McAfee Security Connected platform now includes a real-time data exchange messaging framework. The McAfee data exchange layer provides real-time context sharing and orchestration, as well as the collective threat intelligence and adaptive threat prevention in McAfee Threat Intelligence Exchange. These industry-leading breakthroughs boost the protective performance of existing McAfee solutions from endpoint, network and analytics environments, and also deliver a standardized data framework by which partners, competitors, and other third party products will be able to orchestrate together in halting advanced threats.

"With complex threats attacking businesses every day, our customers need this adaptive threat prevention now," said Mike Fey, worldwide chief technology officer for McAfee. "We are making it easier to tie together intelligence and actions so that our customers' existing products deliver greater protection while simultaneously finding ways to cut operational costs. We are delivering the technology that others are just starting to think about to harden the platform upon which future security products will depend."

· Replaces costly manual tasks with automated, real-time data exchange that allows security components to operate as one to share security intelligence in real-time across endpoint, network and other security components.

· Brings immediate visibility to the presence of advanced targeted attacks in the organization to answer the question "Am I exposed?"

·

· Protects based on the most complete collective threat intelligence built out of global and third party intelligence data sources combined with local threat intelligence and customized organizational knowledge.

· Enables endpoints to share contextual intelligence with each other to gain greater environmental threat context which improves accuracy and effectiveness.

Product is expected to be available in Q2 2014. For more information on McAfee Threat Intelligence Exchange visit www.mcafee.com/TIE.

About McAfee

McAfee, a wholly owned subsidiary of Intel Corporation (NASDAQ:INTC), empowers businesses, the public sector, and home users to safely experience the benefits of the Internet. The company delivers proactive and proven security solutions and services for systems, networks, and mobile devices around the world. With its Security Connected strategy, innovative approach to hardware-enhanced security, and unique Global Threat Intelligence network, McAfee is relentlessly focused on keeping its customers safe. http://www.mcafee.com

The 397 respondents to our new survey buy into using intel to stay ahead of attackers: 85% say threat intelligence plays some role in their IT security strategies, and many of them subscribe to two or more third-party feeds; 10% leverage five or more.

Published: 2015-03-03Off-by-one error in the ecryptfs_decode_from_filename function in fs/ecryptfs/crypto.c in the eCryptfs subsystem in the Linux kernel before 3.18.2 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted filename.

Published: 2015-03-03** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue in customer-controlled software. Notes: none.

How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.